Lucene search
K

4 matches found

Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.193 views

Icingaweb Directory Traversal In Static Library File Requests

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Icingaweb Directory Traversal in Static Library File Requests', 'Description' = %q Icingaweb versions from 2.9.0 to 2.9.5 inclusive, and 2.8.0 to...

7.5CVSS7AI score0.89378EPSS
Exploits8
Rapid7 Blog
Rapid7 Blog
added 2023/05/05 6:48 p.m.123 views

Metasploit Weekly Wrap-Up

Throw another log file on the fire Our own Stephen Fewer authored a module targeting CVE-2023-26360 affecting ColdFusion 2021 Update 5 and earlier as well as ColdFusion 2018 Update 15 and earlier. The vulnerability allows multiple paths to code execution, but our module works by leveraging a...

10CVSS8.3AI score0.97339EPSS
Exploits23
Metasploit
Metasploit
added 2023/05/03 7:42 p.m.371 views

Icingaweb Directory Traversal in Static Library File Requests

Icingaweb versions from 2.9.0 to 2.9.5 inclusive, and 2.8.0 to 2.8.5 inclusive suffer from an unauthenticated directory traversal vulnerability. The vulnerability is triggered through the icinga-php-thirdparty library, which allows unauthenticated users to retrieve arbitrary files from the target...

7.5CVSS7.6AI score0.89378EPSS
Exploits8
Veracode
Veracode
added 2020/09/07 2:56 a.m.29 views

Directory Traversal

icingaweb is vulnerable to directory traversal. The vulnerability exists as arbitrary files are readable by the process running Icinga Web 2...

7.5CVSS4.2AI score0.0328EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder